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DETAILED ACTION 

1 . The Information Disclosure Statement filed on March 5, 2004 was seen by the 
examiner and will be considered. 

2. Claims 1-21 are pending in this application. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claim 11 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. Claim 1 1 is dependent upon itself rendering the scope of the 
claim vague and indefinite. It is assumed to be dependent upon Claim 10 and will be 
treated as such for the remainder of the office action. Appropriate correction is 
required. 

5. Claim 16 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. Claim 16 is grammatically incorrect, "with the interface 
connection" written twice in line 7-8, which renders the scope of the claim vague and 
indefinite. The second occurrence of the phrase will be taken out for the purpose of this 
Office Action. Appropriate correction is required. 
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Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

7. Claims 1-4, 10, and 15 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Islam et al. (US 2003/0035430) herein after "Islam". 

8. Considering Claim 1, Islam discloses analyzing data content received at a local 
area network from an external communications network; receiving unanalyzed 
content at a local area network ([0033] lines 4-6, [0089] lines 20-24); passing the 
unanalyzed content to a switch in the local area network ([0033] lines 4-6, [0089] 
lines 20-24); analyzing the unanalyzed content at the switch and generating 
analyzed data ([0033] lines 4-6, [0089] lines 20-24); and routing the analyzed 
data to a device in the local area network in communication with the switch 
([0034] having Ethernet ports gives you a connection to a device in the network). 
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9. Considering Claim 2, Islam discloses applying a content filtering algorithm to the 
unanalyzed content upon ingress at a port at the switch ([0044] lines 1-9, 
performing functions on inbound packet flows reads on upon ingress). 

10. Considering Claim 3, Islam discloses applying a content filtering algorithm to the 
unanalyzed content upon egress at a port at the switch ([0044] lines 1-9, 
performing functions on outbound packet flows reads on upon egress). 

1 1 . Considering Claim 4, Islam discloses the unanalyzed content is formatted in data 
packets ([0037] lines 9-12, [0044] lines 3-5). 

12. Considering Claim 10, Islam discloses receiving a content analysis software 
update at the switch from a managed service provider network via the external 
communications network (abstract, [0014], [0016], [0037] lines 6-9). 

13. Considering Claim 15, Islam discloses providing content analysis to a plurality of 
networks ([0016] lines 1-8); establishing a communication link between a switch 
in each of a plurality of subscriber networks and an application management 
appliance of a managed service provider network via an external 
communications network ([0016], [0032] lines 6-10); transmitting one of 
instructions and update information for a content analysis application from the 
application management appliance at the network switch to the switch in each of 
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the plurality of subscriber networks ([0014], [0016], [0037] lines 6-9); gathering 
performance metrics of the content analysis application from each of the plurality 
of subscriber networks ([0037] lines 14-19, [0038 lines 5-8, [0061][0062]). 

Claim Rejections - 35 USC § 103 

14. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

15. Claims 5-7, 11, 12, and 13 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Islam in view of Vairavan (US 2002/0083344). 

16. Considering Claim 5, Islam does not explicitly disclose the switch applying a 
content analysis algorithm to each data packet of unanalyzed content. 
Vairavan discloses the switch applying a content analysis algorithm to each data 
packet of unanalyzed content ([0131], Fig 6A). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam and Vairavan in order to 
increase security by not allowing any packet to go unchecked. 
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17. Considering Claim 6, Islam does not disclose the switch executing an anti-virus 
algorithm. 

Vairavan discloses the switch executing an anti-virus algorithm ([0105]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam and Vairavan in order to 
address the growing threat of blended attacks, and to identify someone who is 
attempting a TCP port scan (Vairavan [0090] lines 18-23). 

18. Considering Claim 7, Islam does not disclose the switch executing an intrusion 
detection algorithm. 

Vairavan discloses the switch executing an intrusion detection algorithm ([0090]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam and Vairavan in order to 
close the vulnerability window by stopping viruses and worms before they enter 
the network, and to ensure that virus security is controlled by the inter/intra- 
networking device and any updates are centrally pushed onto various devices in 
the enterprise (Vairavan [0105] lines 7-10). 

19. Considering Claim 11, Islam discloses the switch configured to implement 
content analysis software contained in the content analysis software update 
(abstract, [0014], [0016], [0037] lines 6-9). 
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Islam does not explicitly disclose applying the content analysis software update 
to each port at the switch. 

Vairavan does disclose applying the content analysis software update to each 
port at the switch ([0048] lines 1-7). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam and Vairavan in order to 
increase the efficiency of the switch and reduce the bottleneck at each individual 
port. 

20. Considering Claim 12, Islam discloses managing content analysis for a LAN from 
a managed server provider network (abstract, [0032] lines 6-10); comprising a 
switch in communication with an external communications network and at least 
one device in connection with the switch ([0033] lines 4-6, [0034] lines 10-13); 
establishing a communication link between the switch of the LAN and the 
managed server provider network via the external communications network 
([0016], [0032] lines 6-10). 

Islam does not explicitly disclose transporting port configuration instructions from 
the managed service provider network to the switch of the LAN, the port 
configuration instructions comprising instructions to configure at least one port at 
the switch to implement at least one content analysis function. 
Vairavan does disclose transporting port configuration instructions from the 
managed service provider network to the switch of the LAN ([0048] lines 1-7), the 
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port configuration instructions comprising instructions to configure at least one 
port at the switch to implement at least one content analysis function ([0048] lines 
1-7). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam and Vairavan for the 
benefit of remote access to the configuration of the device. Remote access 
would allow for administrators to alter the operating parameters of individual 
management modules via the network to affect performance gains or modify 
existing operating parameters (Vairavan abstract). 

21. Considering Claim 13, all limitations are contained in Claims 10-1 1 above and 
are rejected for the same reasons stated above. 

22. Considering Claim 14, Islam discloses monitoring content analysis activity at the 
switch from the managed service provider network ([0032] lines 3-11, [0038] lines 
5-8). 

23. Claims 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Islam 
and Vairavan in further view of Krupka et al. (US Pat. 5,483,467) herein after "Krupka". 

24. Considering Claim 8, Vairavan discloses applying the content analysis algorithm 
to each port ([0048] lines 1-7. 
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Islam and Vairavan do not explicitly disclose the switch individually scanning the 
plurality of ports. 

Krupka does disclose the switch individually scanning the plurality of ports 
(column 6 lines 56-63). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam, Vairavan and Krupka in 
order to ensure and improve the security of the entire network. Allowing certain 
ports go unchecked would be detrimental to the system as a whole. 

25. Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Islam, 
Vairavan, and Krupka in further view of Wilson et al. (US Pat. 4,292,465) herein after 
"Wilson". 

26. Considering Claim 9, Islam, Vairavan, and Krupka does not disclose that each of 
the plurality of ports comprises a dedicated processor and each dedicated 
processor for a respective port independently applies a separate content analysis 
algorithm to unanalyzed content at the port, whereby each of the plurality of ports 
individually analyzes content with its respective processor. 

Wilson discloses that each of the plurality of ports comprises a dedicated 
processor and each dedicated processor for a respective port independently 
applies a separate content analysis algorithm to unanalyzed content at the port, 
whereby each of the plurality of ports individually analyzes content with its 
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respective processor (column 29 lines 16-24, each processor executing its 
respective function reads on a separate content analysis algorithm being applied 
at each port). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Islam, Vairavan, Krupka, and 
Wilson in order to increase the efficiency and reduce the bottleneck at each 
individual port. 

27. Claims 16-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Webb et al. (US 2002/0120741), herein after 'Webb", and Vairavan in further view of 
Wilson. 

28. Considering Claim 16, Webb discloses a LAN having content analysis 
capabilities (Figure 1D 1080, a switch fabric), a processor in communication with 
the interface connection with the interface connection ([0163], Figure 1D); a 
memory in communication with the processor (Figure 1D); an application buffer 
in communication with the processor and the memory (Figure 1 D); the 
application buffer contains logic operative on the processor to analyze a content 
of information passing between the external device and the port ([0161]); a 
communication bus in communication with each of the ports, the communication 
bus adapted to carry information between the plurality of ports ([0160] lines 23- 
26, Figure 1D). 
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Webb does not disclose discloses a plurality of ports each configured for 
communication with a respective external device; an interface connection 
adapted for connecting with a communication line of an external device. 
Vairavan does disclose a plurality of ports each configured for communication 
with a respective external device ([0048]); an interface connection adapted for 
connecting with a communication line of an external device ([0048]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Vairavan, Wilson, and Webb in 
order to increase the efficiency of the network. 

Webb and Vairavan do not explicitly disclose that the switch is configured to 
individually analyze the content of information passing through each port. 
Wilson does explicitly disclose that the switch is configured to individually 
analyze the content of information passing through each port (column 29 lines 
16-24, each processor executing its respective function reads on a separate 
content analysis algorithm being applied at each port). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Vairavan and Wilson for the 
benefit of higher system performance. 




29. Considering Claim 17, Webb discloses an application buffer administrative 

interface in communication with the communication bus ([0163]); the application 
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buffer administrative interface comprises content analysis resources accessible 
by the application buffer for each port ([0163]). 

30. Considering Claim 18, Webb does not disclose one of the application buffers 
comprises anti-virus filtering logic. 

Vairavan discloses one of the application buffers comprises anti-virus filtering 
logic (0105]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Webb and Vairavan in order to 
address the growing threat of blended attacks, and to ensure that virus security is 
controlled by the inter/intra-networking device and any updates are centrally 
pushed onto various devices in the enterprise (Vairavan [0105] lines 7-10). 

31 . Considering Claim 19, Webb does not disclose one of the application buffers 
comprises network security logic. 

Vairavan discloses one of the application buffers comprises network security 
logic ([0090]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Webb and Vairavan in order to 
close the vulnerability window by stopping viruses and worms before they enter 
the network (Fortigate 1000: Real-Time Content Security for large enterprises) 
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and to identify someone who is attempting a TCP port scan (Vairavan [0090] 
lines 18-23). 

32. Considering Claim 20, Webb does not disclose one of the application buffers 
comprises content filtering logic. 

Vairavan discloses one of the application buffers comprises content filtering iogic 
([0090]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Webb and Vairavan in order to 
close the vulnerability window by stopping viruses and worms before they enter 
the network, and to identify someone who is attempting a TCP port scan 
(Vairavan [0090] lines 18-23). 



33. Considering Claim 21 , Webb does not disclose the application buffer 

administrative interface comprises anti-virus definitions adapted for use by anti- 
virus logic stored on an application buffer at a port. 

Vairavan discloses the application buffer administrative interface comprises anti- 
virus definitions adapted for use by anti-virus logic stored on an application buffer 
at a port ([0105] it is inherent that anti-virus software must use anti-virus 
definitions). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention to combine the teachings of Webb and Vairavan in order to 
address the growing threat of blended attacks, and to ensure that virus security is 
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controlled by the inter/intra-networking device and any updates are centrally 
pushed onto various devices in the enterprise (Vairavan [0105] lines 7-10). 
Having the up-to-date anti-virus definitions gives you the benefit of filtering out 
new viruses and worms not detected by older software. 

Conclusion 



34. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

> US 2005/0050362 - a switch containing security features. 

> "Fortigate 1000: RealOtime Content Security for Large Enterprises", 
http:llwww.fortinet.comldoclFGTIOOODS.pdf, dated January 2003, four 
pages. - provides motivations for all security techniques. 



35. Any inquiry concerning this communication or earlier communications from 

the examiner should be directed to Randal D. Moran whose telephone number is 
571-270-1255. The examiner can normally be reached on M-F: 7:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examinees supervisor, Nabil El-Hady can be reached on 571-272-3963. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 



Randal D. Moran 




